3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

239 commits

Author SHA1 Message Date
Jeff Slight e2c0897eba
gitlab: 13.7.1 -> 13.7.4 (#108720) 2021-01-29 21:13:59 +01:00
Pavol Rusnak a6ce00c50c
treewide: remove stdenv where not needed 2021-01-25 18:31:47 +01:00
zowoq 59b83c43e0 treewide: add final newline 2021-01-22 07:18:04 +10:00
Jonathan Ringer 9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Profpatsch 4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Milan Pässler 44108c5d7c gitlab: take care of vendorSha256 in updater script 2020-12-27 00:39:20 +01:00
Milan Pässler 3157904d4a gitlab: remove unused deps.nix files
These were added again in https://github.com/NixOS/nixpkgs/pull/107558
because the update script still ran vgo2nix.
2020-12-27 00:39:20 +01:00
Jeff Slight e86efbc48b
gitlab: 13.6.1 -> 13.7.1 (#107558) 2020-12-26 22:06:22 +01:00
Milan Pässler 72ba4fce76 gitaly: build with system libgit2 2020-11-26 14:12:14 +01:00
Milan Pässler c1c2ff4a97 gitlab: 13.6.0 -> 13.6.1 2020-11-26 14:12:14 +01:00
Milan Pässler 844eddf330 gitlab-workhorse: use buildGoModule 2020-11-26 14:12:13 +01:00
Milan Pässler 2e4862d3ba gitlab-shell: use buildGoModule 2020-11-26 14:12:13 +01:00
Milan Pässler 0f344cc0db gitaly: use buildGoModule 2020-11-26 14:12:06 +01:00
Milan Pässler 2429d5a307 gitlab: 13.5.1 -> 13.6.0
Changed ruby version to 2.7.x to match upstream.
Added a gem config for gitlab-pg_query as it tries to download a source
tarball during the build process.
Also removed a patch for gitaly that has become obsolete by upstream fix
[here](de04077c25).
2020-11-21 01:38:35 +01:00
Milan Pässler 4555a26b06 gitlab: 13.4.3 -> 13.5.1 2020-11-20 19:26:30 +01:00
Jeff Slight 2cf524c825 gitlab: add new line to end of data.json file 2020-11-20 19:26:30 +01:00
Jeff Slight c16a977386 gitlab: 13.0.14 -> 13.4.3
13.4.3
2020-11-20 19:26:30 +01:00
Milan Pässler 6956ce821d gitlab: 13.0.12 -> 13.0.14 2020-08-30 11:24:25 -07:00
Florian Klink 5aa6b4c2a1
gitlab: 13.0.9 -> 13.0.12 (#94968) 2020-08-11 14:11:39 +02:00
Milan Pässler f3a353f184 gitlab: 13.0.8 -> 13.0.9
Security release: https://about.gitlab.com/releases/2020/07/06/critical-security-release-gitlab-13-1-3-released/
2020-07-07 22:15:03 +02:00
Florian Klink d986fccd9d
gitlab: 13.0.6 -> 13.0.8 (#92060) 2020-07-06 22:44:18 +02:00
Florian Klink 38a4af7d19 gitlab: 13.0.4 -> 13.0.6
CI Token Access Control

An authorization issue discovered in the mirroring logic allowed read access to private repositories. This issue is now mitigated in the latest release and is waiting for a CVE ID to be assigned.

https://about.gitlab.com/releases/2020/06/10/critical-security-release-13-0-6-released/
2020-06-11 00:27:11 +02:00
talyz 0b5c534598
gitlab: 13.0.3 -> 13.0.4
https://about.gitlab.com/releases/2020/06/03/critical-security-release-13-0-4-released/
2020-06-04 14:32:45 +02:00
Robin Gloster 79454f15ac
gitlab: 12.10.8 -> 13.0.3
https://about.gitlab.com/releases/2020/05/22/gitlab-13-0-released/
https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
https://about.gitlab.com/releases/2020/05/29/gitlab-13-0-3-released/

The gitaly gitlab-shell config has moved into gitaly.toml. See
https://gitlab.com/gitlab-org/gitaly/-/issues/2182 for more info.
2020-06-04 14:32:39 +02:00
Robin Gloster b64205d164
Merge pull request #85293 from petabyteboy/feature/gitlab-12-9-x
gitlab: 12.8.10 -> 12.10.6
2020-05-31 06:10:29 +02:00
Robin Gloster af05325f10
gitlab: 12.10.6 -> 12.10.8 2020-05-31 03:11:57 +02:00
Robin Gloster 7060927382
gitaly: fix gitlab-shell-config path patching 2020-05-31 03:07:50 +02:00
Kimat Boven c270ecd5ee gitaly: use libgit2 from all-packages.nix 2020-05-22 10:39:24 +02:00
Milan Pässler e32bf64da0 gitaly: revert a commit that broke config loading 2020-05-19 01:31:14 +02:00
Milan Pässler 755554808f gitlab: increase webpack memory limit 2020-05-18 18:35:08 +02:00
Milan Pässler f61370214c gitlab: 12.8.10 -> 12.10.6 2020-05-18 18:34:46 +02:00
Frederik Rietdijk afb1041148 Merge master into staging-next 2020-05-02 09:39:00 +02:00
Florian Klink fc64bca95b gitlab: update.py: use the /refs endpoint
It seems the atom feed now needs authentication. Use the /refs endpoint,
which is used for the switch branch/tag dropdown. It doesn't show all
records, but has some pagination, but works well enough for now.
2020-05-01 00:13:43 +02:00
Florian Klink fdd0d0de1f gitlab: 12.8.9 -> 12.8.10 2020-04-30 23:16:50 +02:00
Florian Klink 9eb6dc762f gitaly: 12.8.9 -> 12.8.10 2020-04-30 23:16:43 +02:00
zowoq b5dc07a4b4 treewide: use $out instead of $bin with buildGoPackage 2020-04-28 20:30:29 +10:00
Florian Klink 81c34ec54f gitaly: 12.8.8 -> 12.8.9 2020-04-27 10:31:36 +02:00
Florian Klink b1f66bfcb2 gitlab-workhorse: 8.21.1 -> 8.21.2 2020-04-27 10:31:36 +02:00
Florian Klink d1902923fa gitlab: 12.8.8 -> 12.8.9
See
https://about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/
for details.
2020-04-27 10:31:36 +02:00
Michael Fellinger 4c26ab4198 gitlab: update.py: invoke bundle lock manually
`bundix -l` doesn't work, as it treats bundler's warning about upgrading
the lockfile version as an error, so invoke `bundle lock` manually.
2020-04-27 10:31:36 +02:00
Florian Klink 412bb5e04d gitlab: support passing --rev to the update-all script
While it's already possible to invoke `update-data` with the `--rev`
argument, one still needs to run all later phases manually.

Fix this, by having `update-all` also accept a `--rev` argument, and
pass it down to `update-data`.

Also, make the help text a bit more usable, by suggesting the usual
versioning scheme used these times.
2020-04-27 10:31:36 +02:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Michael Fellinger f92600b406
update versions in Gemfile.lock 2020-04-06 15:02:13 +02:00
Florian Klink 8ab04fd87b gitlab: 12.8.7 -> 12.8.8 2020-03-27 10:08:59 +01:00
Kim Lindberger 3a173c1d75
gitlab: 12.8.6 -> 12.8.7 (#82838)
https://about.gitlab.com/releases/2020/03/16/gitlab-12-8-7-released/
2020-03-24 18:45:39 +01:00
Florian Klink 281bd03242 gitaly: 12.8.5 -> 12.8.6 2020-03-12 12:49:23 +01:00
Florian Klink ab3b836350 gitlab: 12.8.5 -> 12.8.6
https://about.gitlab.com/releases/2020/03/11/critical-security-release-gitlab-12-dot-8-dot-6-released/
2020-03-12 02:57:39 +01:00
Florian Klink d2061f024c gitlab: update script: unset GOROOT
or vgo2nix might not be able to resolve some dependencies.
2020-03-12 02:56:48 +01:00
Milan f391999026
gitlab: 12.8.2 -> 12.8.5 (#82142)
https://about.gitlab.com/releases/2020/03/09/gitlab-12-8-5-released/
2020-03-09 17:23:51 +01:00
Milan c25756f91c
gitlab: 12.8.1 -> 12.8.2 (#81803)
Includes multiple security fixes mentioned in
https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
(unfortunately, no CVE numbers as of yet)

 - Directory Traversal to Arbitrary File Read
 - Account Takeover Through Expired Link
 - Server Side Request Forgery Through Deprecated Service
 - Group Two-Factor Authentication Requirement Bypass
 - Stored XSS in Merge Request Pages
 - Stored XSS in Merge Request Submission Form
 - Stored XSS in File View
 - Stored XSS in Grafana Integration
 - Contribution Analytics Exposed to Non-members
 - Incorrect Access Control in Docker Registry via Deploy Tokens
 - Denial of Service via Permission Checks
 - Denial of Service in Design For Public Issue
 - GitHub Tokens Displayed in Plaintext on Integrations Page
 - Incorrect Access Control via LFS Import
 - Unescaped HTML in Header
 - Private Merge Request Titles Leaked via Widget
 - Project Namespace Exposed via Vulnerability Feedback Endpoint
 - Denial of Service Through Recursive Requests
 - Project Authorization Not Being Updated
 - Incorrect Permission Level For Group Invites
 - Disclosure of Private Group Epic Information
 - User IP Address Exposed via Badge images
 - Update postgresql (GitLab Omnibus)
2020-03-05 16:37:21 +01:00